mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2026-03-11 03:28:36 +01:00
icwmp: regenerate ssl link in boot()
This commit is contained in:
Amin Ben Ramdhane
vdutta
parent
35bb02b726
commit
32192f5423
3 changed files with 34 additions and 39 deletions
|
|
@ -119,7 +119,6 @@ define Package/icwmp/default/install
|
|||
$(INSTALL_BIN) ./files/etc/init.d/icwmpd $(1)/etc/init.d/icwmpd
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/85-cwmp-set-userid $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/95-icwmp-generate-ssl $(1)/etc/uci-defaults/
|
||||
$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
|
||||
$(INSTALL_BIN) ./files/etc/icwmpd/update.sh $(1)/etc/icwmpd/update.sh
|
||||
$(INSTALL_DATA) ./files/etc/bbfdm/json/CWMPManagementServer.json $(1)/etc/bbfdm/json/
|
||||
|
|
|
|||
|
|
@ -15,6 +15,34 @@ log() {
|
|||
echo "${@}"|logger -t cwmp.init -p info
|
||||
}
|
||||
|
||||
regenerate_ssl_link()
|
||||
{
|
||||
local cert_dir all_file rehash
|
||||
|
||||
cert_dir="${1}"
|
||||
[ ! -d "${cert_dir}" ] && return 0;
|
||||
|
||||
### Generate all ssl link for pem certicates ###
|
||||
all_file=$(ls $cert_dir/*.pem 2>/dev/null)
|
||||
if [ -n "${all_file}" ]; then
|
||||
for cfile in $all_file; do
|
||||
rehash="$(openssl x509 -hash -noout -in $cfile)"
|
||||
[ -f ${cert_dir}/${rehash}.0 ] || \
|
||||
ln -s $cfile $cert_dir/${rehash}.0
|
||||
done
|
||||
fi
|
||||
|
||||
### Generate all ssl link for crt certicates ###
|
||||
all_file=$(ls $cert_dir/*.crt 2>/dev/null)
|
||||
if [ -n "${all_file}" ]; then
|
||||
for cfile in $all_file; do
|
||||
rehash="$(openssl x509 -hash -noout -in $cfile)"
|
||||
[ -f ${cert_dir}/${rehash}.0 ] || \
|
||||
ln -s $cfile $cert_dir/${rehash}.0
|
||||
done
|
||||
fi
|
||||
}
|
||||
|
||||
enable_dhcp_option43() {
|
||||
local wan="${1}"
|
||||
|
||||
|
|
@ -172,6 +200,12 @@ boot() {
|
|||
enable_dhcp_option43 "${wan_interface}"
|
||||
/etc/icwmpd/update.sh 1
|
||||
fi
|
||||
|
||||
config_get ssl_capath acs ssl_capath
|
||||
|
||||
if [ -n "${ssl_capath}" ]; then
|
||||
regenerate_ssl_link "${ssl_capath}"
|
||||
fi
|
||||
|
||||
start
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,38 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
regenerate_ssl_link_path()
|
||||
{
|
||||
local cert_dir all_file rehash
|
||||
|
||||
cert_dir="${1}"
|
||||
|
||||
all_file=$(ls $cert_dir/*.pem 2>/dev/null)
|
||||
|
||||
[ ! -d "${cert_dir}" ] && return 0;
|
||||
[ ! -f "${all_file}" ] && return 0;
|
||||
|
||||
for cfile in $all_file
|
||||
do
|
||||
rehash="$(openssl x509 -hash -noout -in $cfile)"
|
||||
[ -f ${cert_dir}/${rehash}.0 ] || \
|
||||
ln -s $cfile $cert_dir/${rehash}.0
|
||||
done
|
||||
}
|
||||
|
||||
regenerate_ssl_link()
|
||||
{
|
||||
local cwmp_ca_path
|
||||
|
||||
regenerate_ssl_link_path "/etc/ssl/certs"
|
||||
|
||||
cwmp_ca_path=$(uci -q get cwmp.acs.ssl_capath)
|
||||
if [[ "${cwmp_ca_path}" != "/etc/ssl/certs"* ]]; then
|
||||
if [ -n "${cwmp_ca_path}" ]; then
|
||||
regenerate_ssl_link_path "${cwmp_ca_path}"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
regenerate_ssl_link
|
||||
Loading…
Add table
Reference in a new issue